What is a Whitelist?

Explicitly Permitting Domains in Your DNS Filter

A whitelist is a list of domains explicitly permitted through a DNS filter. The term is a synonym for allowlist — the modern, preferred term in the networking industry.

Set Up DNS Filtering

Step 1: What is a Whitelist?

A whitelist is a list of domains that are explicitly permitted to pass through a DNS filter, regardless of category-based blocking rules. If a domain is whitelisted, the DNS resolver will always return its correct IP address.

Whitelisting is essential when broad category filters accidentally block legitimate resources. For example, a school might block social media but whitelist a specific educational platform hosted on a social domain.

For the most restrictive setup, a whitelist-only mode blocks everything except explicitly approved domains.

Step 2: Whitelist vs Allowlist

"Whitelist" and "allowlist" mean exactly the same thing. The industry has been transitioning to "allowlist" as the preferred term because it's more descriptive and inclusive:

  • Whitelist = Allowlist: Domains explicitly permitted through the filter
  • Blacklist = Blocklist / Denylist: Domains explicitly blocked by the filter

You'll see both terms used across the industry and in CleanBrowsing's documentation. They are interchangeable — the functionality is identical.

Step 3: Using Whitelists Effectively

Best practices for managing your whitelist:

  • Keep it minimal: Only whitelist domains that genuinely need to bypass filters — an overly broad whitelist weakens your filtering policy
  • Review regularly: Audit your whitelist periodically to remove domains that are no longer needed
  • Use per-profile whitelists: CleanBrowsing's profile system lets different user groups have different whitelists
  • Automate with the API: Use the CleanBrowsing API to manage whitelists programmatically for large deployments

For a complete guide to allowlist/whitelist management, see our allowlist guide.

Fine-tune your DNS filtering

Set Up CleanBrowsing